Security update for transfig SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2020:1702-1 Final 1 1 2020-10-20T04:20:58Z current 2020-10-20T04:20:58Z 2020-10-20T04:20:58Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for transfig This update for transfig fixes the following issues: Security issue fixed: - CVE-2019-14275: Fixed stack-based buffer overflow in the calc_arrow function (bsc#1143650). This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2020-1702 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TFP4B67IOXFKORNZ4X546NVCTMHPCEP2/ E-Mail link for openSUSE-SU-2020:1702-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1143650 SUSE Bug 1143650 https://www.suse.com/security/cve/CVE-2019-14275/ SUSE CVE CVE-2019-14275 page openSUSE Leap 15.2 transfig-3.2.6a-lp152.6.3.1 transfig-3.2.6a-lp152.6.3.1 as a component of openSUSE Leap 15.2 Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. CVE-2019-14275 openSUSE Leap 15.2:transfig-3.2.6a-lp152.6.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TFP4B67IOXFKORNZ4X546NVCTMHPCEP2/ https://www.suse.com/security/cve/CVE-2019-14275.html CVE-2019-14275 https://bugzilla.suse.com/1143650 SUSE Bug 1143650